PANews
PANews|1月 14, 2026 03:04
[Report: Malicious Chrome Extension Disguised as a Trading Tool Steals Users' MEXC API Keys] According to a report by the security agency Socket Threat Research Team, a malicious Chrome extension named 'MEXC API Automator' has been available on the Chrome Web Store since September 1, 2025. It is capable of stealing newly created API keys from users of the cryptocurrency exchange MEXC and sending them to a Telegram bot controlled by the attackers. The extension lures users with promises of trading automation, automatically generating MEXC API keys with withdrawal permissions without the user's knowledge. It conceals the display of these permissions in the interface and subsequently leaks the keys along with encrypted data. Using this method, attackers can gain full control of the victim's MEXC account, execute trades, initiate automatic withdrawals, and transfer assets from the account. As of the time of the report's release, the extension is still available for download on the Chrome Web Store. The research team has reported the issue to Google and flagged the extension.
+6
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads